Silent Storm Security brings your cybersecurity and compliance stance to a higher level through a cost efficient proven set of auditing procedures across a wide range of intrusion vectors. Our approach is a simple one, take an inherently challenging process and make it as straightforward as possible.
PCI-DSS Remediation Consulting
For all merchants and service providers undergoing a PCI assessment.
PCI-DSS Reports on Compliance
As a licensed QSA firm, we can conduct your Level 1 PCI-DSS assessment for a Report on Compliance.
23 NYCRR Part 500
Get assistance with NY regulation 23 NYCRR Part 500 establishing cybersecurity requirements for financial services companies.
Get a security assessment to comply with the new HIPAA Security Rule.
PCI GAP Reports
The first step for merchants and service providers seeking to be PCI compliant.
PCI SAQ Consulting
For companies needing guidance while conducting PCI Self Assessment Questionnaires.
When was your last pen-test? Get peace of mind with regular testing.
Let us identify future challenges so you can plan accordingly.
Get your ISO certificate with the help of knowledgable and experienced professionals.
NERC CIP Consulting
Protect the cyber infrastructures that are used throughout the electrical utility industry.
NIST SP 800-171 Consulting
Properly handle Controlled Unclassified Information (CUI) on non-federal information systems.
Service Organization Control (SOC) reports that address assurance for service organizations.
Customized Consulting Services
Phishing tests, USB drop tests, physical security assessments, etc.
Find, analyze and recover digital evidence on modern media.
Let us manage some or all of your IT functions.
What is the HIPAA Security Rule?
The Office for Civil Rights (OCR) is responsible for issuing annual guidance on the provisions in the HIPAA Security Rule.1 (45 C.F.R. §§ 164.302 – 318.) This series of guidances will assist organizations in identifying and implementing the most effective and appropriate administrative, physical, and technical safeguards to secure electronic protected health information (e-PHI).
What is PCI Compliance?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with a focus on improving payment account security throughout the transaction process.
Prioritize cybersecurity investments based on risk to the business.
Have a plan for responding to insider threats.
More concerned about cybersecurity threats this year than in the past.
Collaborate with others to deepen their knowledge of security and threat trends.
*Key findings from the 2014 US State of Cybercrime Survey
About Silent Storm Security
The two founding partners, R. Scott Pierangelo and Ron Alejandro Abarca, believe that working together with their clients with a team mentality is the only approach. Silent Storm Security
We do not provide managed services (other than policies and procedures and security training for sale) and are solely an independent audit based firm. However, if you do require managed services to meet controls for an audit framework, we have strategic partners in the industry who have proven to be proficient. We offer to consult in both English and Spanish.
R. Scott Pierangelo MSCS, CISSP, PCIP, QSA, CISA, CISM, CRISC, CGEIT, PMP
Mr. Pierangelo has been conducting auditing assessments for over five years. He has worked for Trustwave and Coalfire as a Consultant/
R. Alejandro Abarca BSISM, CISA
Mr. Abarca has been working in the information technology industry for over 15 years within both small businesses and large scale enterprise environments in the banking industry (HSBC Securities) always making information & network security his top priority with extensive experience in Access Control, Active Directory and Group Policy. Ronald received his B.S. in Information Systems Management with a concentration in Network Security & Administration from New York University. His certifications include Certified Information Systems Auditor (CISA).
AFCEA Corporate Member
Silent Storm Security is a proud member of the AFCEA. Learn more at afcea.org.
AFCEA is a professional association that connects innovative people, great ideas and vital solutions to advance global security. We do that by developing networking and educational opportunities and providing them in an ethical forum. This enables military, government, industry and academia to align technology and strategy to meet the needs of those who serve.
Contact Silent Storm Security
Contact the compliance professionals at Silent Storm Security by calling 800-668-1419 or use the form below.